Back to skill
Skillv1.0.0
VirusTotal security
PLS Website Audit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:23 AM
- Hash
- 1fe8e2a232189b9a4f4f246826fddd7512d4c9cca49c968ffb18c3d35bee8787
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: pls-audit-website Version: 1.0.0 The skill bundle is designed for legitimate website auditing, utilizing various command-line tools (curl, wget, openssl) and Python scripts (requests, BeautifulSoup). However, it is classified as suspicious due to its reliance on dynamic package installation via `pip install LinkChecker` and `npx` for tools like Lighthouse and axe-cli. While these actions are necessary for the stated purpose, they introduce a significant supply chain risk, as the agent can fetch and execute arbitrary code from external package repositories. There is no evidence of intentional malicious behavior like data exfiltration or unauthorized system modification within the provided code or instructions in `SKILL.md`.
- External report
- View on VirusTotal